Chore: Upgrade Python dependencies #56

Merged: voj merged 1 commit into deploy-test from chore/upgrade on Mar 18, 2026

voj commented Mar 17, 2026

Also introduces a Claude skill to perform a python dependency upgrade based on vulnerability severity.

  ┌──────────────┬─────────┬────────┬────────────────────────────────────────────────┬──────────────────────┐
  │   Package    │ Before  │ After  │                   CVEs Fixed                   │       Severity       │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ authlib      │ 1.6.6   │ 1.6.9  │ CVE-2026-27962, CVE-2026-28802, CVE-2026-28490 │ Critical, High, High │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ nltk         │ 3.9.2   │ 3.9.3  │ CVE-2025-14009                                 │ Critical             │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ cryptography │ 46.0.3  │ 46.0.5 │ CVE-2026-26007                                 │ High                 │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ urllib3      │ 2.6.2   │ 2.6.3  │ CVE-2026-21441                                 │ High                 │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ black        │ 25.12.0 │ 26.3.1 │ CVE-2026-32274                                 │ High                 │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ filelock     │ 3.20.1  │ 3.25.2 │ CVE-2026-22701                                 │ Moderate             │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ marshmallow  │ 4.1.1   │ 4.2.2  │ CVE-2025-68480                                 │ Moderate             │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ werkzeug     │ 3.1.4   │ 3.1.6  │ CVE-2026-21860, CVE-2026-27199                 │ Moderate             │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ virtualenv   │ 20.35.4 │ 21.2.0 │ CVE-2026-22702                                 │ Moderate             │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ flask        │ 3.1.2   │ 3.1.3  │ CVE-2026-27205                                 │ Low                  │
  ├──────────────┼─────────┼────────┼────────────────────────────────────────────────┼──────────────────────┤
  │ pip          │ 25.3    │ 26.0.1 │ CVE-2026-1703                                  │ Low                  │
  └──────────────┴─────────┴────────┴────────────────────────────────────────────────┴──────────────────────┘

  - All 39 tests passed after each upgrade
  - Integration test confirmed the server responds correctly
  - Version bumped from 0.4.0 to 0.4.1
  - No upgrades were skipped

voj requested review from chrisbc and chrisdicaprio March 17, 2026 02:42
voj self-assigned this Mar 17, 2026
voj changed the base branch from main to deploy-test March 17, 2026 02:43
codecov Bot commented Mar 17, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (3d55754) to head (4081a42).
⚠️ Report is 1 commits behind head on deploy-test.

Additional details and impacted files
@@              Coverage Diff              @@
##           deploy-test       #56   +/-   ##
=============================================
  Coverage       100.00%   100.00%           
=============================================
  Files                6         6           
  Lines              234       234           
  Branches            11        11           
=============================================
  Hits               234       234           
Flag Coverage Δ
unittests 100.00% <100.00%> (ø)

chrisdicaprio left a comment

LGTM, but I do have a question about what claude is allowed to run.

Comment thread .claude/settings.local.json Outdated
voj merged commit e22a92b into deploy-test Mar 18, 2026
1 check passed
voj deleted the chore/upgrade branch March 18, 2026 00:46